hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6666) Abort NameNode and DataNode startup if security is enabled but block access token is not enabled.
Date Wed, 08 Apr 2015 22:14:12 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14486180#comment-14486180

Chris Nauroth commented on HDFS-6666:

Thank you for the patch, [~vijaysbhat].

It's not necessary to call {{LOG.error}} before throwing the exceptions.  The exceptions will
propagate out and get logged at a higher layer before the process terminates.  The log statements
here would cause the error to get logged twice.

On the NameNode side, I recommend changing the existing code in {{BlockManager#createBlockTokenSecretManager}}
instead of adding new code to the {{NameNode}} class.  The existing code currently logs an
error.  We'd just need to change it to throw an exception.

In the test, I recommend using JUnit's {{ExpectedException}} with the expected message set
to something like "Security is enabled but block access tokens".  For an example of this,
see {{TestSaslDataTransfer#testDataNodeAbortsIfNoSasl}}.  This will help us guarantee that
the exception is thrown from the right place and for the right reason.

> Abort NameNode and DataNode startup if security is enabled but block access token is
not enabled.
> -------------------------------------------------------------------------------------------------
>                 Key: HDFS-6666
>                 URL: https://issues.apache.org/jira/browse/HDFS-6666
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: datanode, namenode, security
>    Affects Versions: 3.0.0, 2.5.0
>            Reporter: Chris Nauroth
>            Assignee: Vijay Bhat
>            Priority: Minor
>         Attachments: HDFS-6666.001.patch
> Currently, if security is enabled by setting hadoop.security.authentication to kerberos,
but HDFS block access tokens are disabled by setting dfs.block.access.token.enable to false
(which is the default), then the NameNode logs an error and proceeds, and the DataNode proceeds
without even logging an error.  This jira proposes that this it's invalid to turn on security
but not turn on block access tokens, and that it would be better to fail fast and abort the
daemons during startup if this happens.

This message was sent by Atlassian JIRA

View raw message